 |
Post AgTrysTS9rtbhNHfs0 by [email protected] |
 |
More posts by [email protected] |
|
Post #AgS60jUJY7mrRxXtlw by [email protected] |
|
0 likes, 1 repeats |
|
|
|
Some thoughts about attribution in the XZ backdoor, having just wasted so many … |
|
|
|
Post #AgS6kpncPrP0LSYfeS by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@lcamtuf @briankrebs If someone is so careful, then probably Jia Tan which soun… |
|
|
|
Post #AgS6kpsE8j5YZkiLpo by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@hackyspice @lcamtuf I purposefully didn't get into that angle here bc it&#… |
|
|
|
Post #AgS6pBf74Z1nJGegsa by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs what (little) I've seen so far points me towards a state-affili… |
|
|
|
Post #AgS7eVdiYYbI2OTVTc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs @hackyspice @lcamtuf I question state actor. One could imagine a gr… |
|
|
|
Post #AgS7sfkpkLz7SiYaSu by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs So, clearly a state actor. But which one?- Russia? No. They general… |
|
|
|
Post #AgS877CQVGqkdTLlEO by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs @hackyspice @lcamtuf I did read one analysis and it's suggested… |
|
|
|
Post #AgS9cBaiKCi7Bh5dAG by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@lyda @briankrebs @hackyspice @lcamtuf The far right groups are not *generally*… |
|
|
|
Post #AgS9cBfK34OfPzFJLc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@Salty @briankrebs @hackyspice @lcamtuf Don't confuse the loud screamy peop… |
|
|
|
Post #AgSC3Ysc2uQl8wdwWm by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Sometimes you get gems from LinkedIn:From Chris Wysopal:https://www.linkedin.co… |
|
|
|
Post #AgSCw0pqKCAvTzJOuu by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs Single purpose email addresses are pretty common in the Open Source… |
|
|
|
Post #AgSCw0u64NZthBInY0 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@publictorsten Maybe. But you probably also can connect other aspects of how th… |
|
|
|
Post #AgSD8zFrVmi8LVfX60 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@publictorsten Also, finding privacy-minded people using single-purpose emails … |
|
|
|
Post #AgSDubORX1bMEyO4JM by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs @publictorsten There are whole services dedicated to making it easi… |
|
|
|
Post #AgSDubTlDFr4VSsJbE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@Chronotope @publictorsten Only one way to find out. I hope there are multiple … |
|
|
|
Post #AgSFynfc1ntjNpY0X2 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs single purpose email are becoming more common if not squarely defac… |
|
|
|
Post #AgSHie6k0sIp07f54C by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@waps I feel calling it a witch hunt rn is a) a loaded term and b) a disservice… |
|
|
|
Post #AgSIKZGGTpqMyTCNoO by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs absolutely agree. It is not a witch hunt in the case of xz and it i… |
|
|
|
Post #AgSIuqhJ88n9Tc9Ehc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@waps Yep. Such an effort calls for a rigorous approach, which is why I suggest… |
|
|
|
Post #AgSJfFQnVG33VXYAtc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs Indeed:https://infosec.exchange/@tychotithonus/112192099235146057 |
|
|
|
Post #AgSP1wc08eDFZWQsbY by [email protected] |
|
0 likes, 0 repeats |
|
|
|
BTW I hope my post doesn't dissuade people from pursuing privacy-enhancing … |
|
|
|
Post #AgSPeQlOU5Rg5bB4VM by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs can one use this tool to search for similiar accounts? by looking h… |
|
|
|
Post #AgSS3GTk3kRRL7tH9s by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs i say you are living in a fantasy world...Secretive White House Sur… |
|
|
|
Post #AgSTqPpIC5BwTTyHxY by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs You mean that people should start auditing open source code?From th… |
|
|
|
Post #AgSWmwuvWL3toAe5R2 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs What (state-sponsored) China, Unit 26165, Russia, North Korea, Isr… |
|
|
|
Post #AgSXSUeL0cPGIghDDU by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs Yep. Not an individual. |
|
|
|
Post #AgSyg7YSMxndUPfSFc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs I don't think this is something that you can do with identities… |
|
|
|
Post #AgTY2T46ZUN6yArWCW by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs anybody using addy.io or simplelogin (proton) would be flagged need… |
|
|
|
Post #AgTY2T94H2LFDZBTw8 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@xyhhx And the vibe with XZ? Weak, or strong signal? |
|
|
|
Post #AgTrysTS9rtbhNHfs0 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
There's one weird seeming mistake, which is the transient use of a second e… |
|
|
|
Post #AgTrysY3sja9vfRM3M by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jripley This is interesting, thanks. Can you explain what precisely this tool … |
|
|
|
Post #AgU4G2vrj7HeVVWj32 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs I don't have much perspective on privacy wrt XZ backdoor attrib… |
|
|
|
Post #AgUOlLCTr42TDzUwu8 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs Re: you have to adopt the same practices as cybercriminals. And you… |
|
|
|
Post #AgXuz8cnBgIIHeJ9ZQ by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs For the lazy ones like me the direkt link 😉 (sorry I didn't … |
